Security Role - Audit Report

The Security Role - Audit Report enables organizations to monitor changes made to security roles. Organizations can retrieve information related to which users have been assigned to which security roles and the security role modification history. This report includes changes to the security role name, the parent security role, the security role type, active status, the permissions included in the security role, and users assigned to or removed from the security role.

This report supports 100,000 rows of data.

To access the Security Role - Audit Report, go to Reports > Standard Reports. From the System tab, select the Security Role - Audit Report link.

PERMISSION NAME PERMISSION DESCRIPTION CATEGORY
Security Administration - General Constraints Grants access to apply general constraints to permissions when creating/editing a security role. This permission works in conjunction with the Security Administration - Manager permission. This is an administrator permission. Core Administration
Security Administration - Manage Grants ability to create, modify and constrain security roles within the portal, and assign users to those security roles. This permission can be constrained by OU, User's OU, User, and User Self and Subordinates. This is an administrator permission. Core Administration
Security Role - Audit Report Grants access to the Security Role - Audit Report, which enables organizations to report on which users have been assigned to which security roles and the security role modification history. This permission cannot be constrained. Reports - System

Report Criteria

The following report filters are available:

Filter Name Description
Action Date Select a date range for the report. The report will return any modification history for the selected date range. The default value is Last Month. This is a required field. Date values are set in the time zone of the user running the report.
Security Role

Select one security roles to include in the report. The report will return any modification history related to the selected security role.

The Security Role filter is visible to all users. However, a Restricted Access error message is displayed if an administrator attempts to use the filter or process the report if they do not have the Security Administration - Manage permission. Further, administrators can only view security roles that are within their Security Administration - Manage and Security Administration - General Constraints permissions.
Role Status Select this option to include inactive security roles in the report output.

Report Output

The following details are included in the report output:

Column Name Description
Security Role Name This displays the name of the security role that was modified.
Security Role ID This displays the ID of the security role that was modified.
Security Role Type This displays the type associated with the security role.
Security Role Active This displays whether the security role is active or inactive.
Changed On This displays the date on which the action occurred. Date fields are displayed in the time zone of the user running the report.
Changed By User ID

This displays the User ID of the user who modified the security role.

Important: If a user creates a dynamic rule to assign a security role, then that rule creator will appear as the actor for any subsequent dynamic assignments of the role even if the rule creator is made inactive in the system.

Changed By Username This displays the Username of the user who modified the security role.
Changed By User Full Name This displays the full name of the user who modified the security role.
Field Changed This displays which field was modified within the security role, if applicable.
Action Performed This displays the specific action that was taken upon the security role.
Old value This displays the old value of the field that was modified, if applicable.
New Value This displays the new value of the field that was modified, if applicable.

Considerations

  • The Security Role pop-up will show only the roles that a user is part of AND the child roles of those roles.
  • If a user creates a dynamic rule to assign a security role, then that rule creator will appear as the actor for any subsequent dynamic assignments of the role even if the rule creator is made inactive in the system.